Vulnerabilities > Gambio > Gambio GX

DATE CVE VULNERABILITY TITLE RISK
2020-07-28 CVE-2020-10985 Cross-site Scripting vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php.
network
low complexity
gambio CWE-79
4.8
4.8
2020-07-28 CVE-2020-10984 Cross-Site Request Forgery (CSRF) vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows admin/admin.php CSRF.
network
low complexity
gambio CWE-352
8.8
8.8
2020-07-28 CVE-2020-10983 SQL Injection vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php.
network
low complexity
gambio CWE-89
4.9
4.9
2020-07-28 CVE-2020-10982 SQL Injection vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php.
network
low complexity
gambio CWE-89
4.9
4.9